sync some patches from upstream

2025-02-13 03:42:16 +00:00 · 2025-02-13 03:42:16 +00:00 · 73921d7939
commit 73921d7939
parent 953e88984e
3 changed files with 106 additions and 1 deletions
--- a/backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch
+++ b/backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch
@ -0,0 +1,52 @@
+From 0f12e6d5bb325df4eb9273b1e294a2cf94a53120 Mon Sep 17 00:00:00 2001
+From: Jan Macku <jamacku@redhat.com>
+Date: Tue, 28 May 2024 12:25:57 +0200
+Subject: [PATCH 1/1] ping: check return value of write() to avoid integer
+ overflow
+
+Error: INTEGER_OVERFLOW (CWE-190):
+iputils-20240117/ping/ping.h:291: tainted_data_return: Called function "write(1, str + o, len - o)", and a possible return value may be less than zero.
+iputils-20240117/ping/ping.h:291: assign: Assigning: "cc" = "write(1, str + o, len - o)".
+iputils-20240117/ping/ping.h:292: overflow: The expression "o += cc" might be negative, but is used in a context that treats it as unsigned.
+iputils-20240117/ping/ping.h:291: overflow: The expression "len - o" is deemed underflowed because at least one of its arguments has underflowed.
+iputils-20240117/ping/ping.h:291: overflow_sink: "len - o", which might have underflowed, is passed to "write(1, str + o, len - o)".
+  289|           ssize_t cc;
+  290|           do {
+  291|->                 cc = write(STDOUT_FILENO, str + o, len - o);
+  292|                   o += cc;
+  293|           } while (len > o || cc < 0);
+
+Closes: https://github.com/iputils/iputils/pull/545
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Reviewed-by: Cyril Hrubis <chrubis@suse.cz>
+Signed-off-by: Jan Macku <jamacku@redhat.com>
+
+Reference:https://github.com/iputils/iputils/commit/0f12e6d5bb325df4eb9273b1e294a2cf94a53120
+Conflict:NA
+
+---
+ ping/ping.h | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/ping/ping.h b/ping/ping.h
+index 98d035d..3e2e3c3 100644
+--- a/ping/ping.h
+++ b/ping/ping.h
+@@ -290,8 +290,12 @@ static inline void write_stdout(const char *str, size_t len)
+ 	ssize_t cc;
+ 	do {
+ 		cc = write(STDOUT_FILENO, str + o, len - o);
+-		o += cc;
+-	} while (len > o || cc < 0);
+
+		if (cc < 0)
+			break;
+
+		o += (size_t) cc;
+	} while (len > o);
+ }
+ 
+ /*
+-- 
+2.33.0
+
--- a/backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch
+++ b/backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch
@ -0,0 +1,45 @@
+From bacf1b7bb8555c407d065e97015319abef2a742d Mon Sep 17 00:00:00 2001
+From: Ahmad Fatoum <a.fatoum@pengutronix.de>
+Date: Thu, 4 Apr 2024 21:17:39 +0200
+Subject: [PATCH 1/1] ping: fix IPv4 checksum check always succeeding once
+ again
+
+This issue was fixed once already in commit bff65fbb6f73
+("fix checksum always success in IPv4 ping."), but was reverted
+shortly after, likely due to a botched rebase.
+
+Fix this issue again, so ping correctly reports checksum mismatches
+in ICMP ECHO replies.
+
+This time it was found with barebox v2024.03.0 (or older) which has
+broken checksum on a Raspberry Pi 3b and ping its network interface
+(checksum mismatch verified by Wireshark).
+
+Closes: https://github.com/iputils/iputils/pull/534
+Fixes: 8b8686794f69 ("warnings: remove variable shadowing")
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
+
+Reference:https://github.com/iputils/iputils/commit/bacf1b7bb8555c407d065e97015319abef2a742d
+Conflict:NA
+
+---
+ ping/ping.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ping/ping.c b/ping/ping.c
+index d0803fe..1a3e52c 100644
+--- a/ping/ping.c
+++ b/ping/ping.c
+@@ -1654,7 +1654,7 @@ int ping4_parse_reply(struct ping_rts *rts, struct socket_st *sock,
+ 			wrong_source = 1;
+ 		if (gather_statistics(rts, (uint8_t *)icp, sizeof(*icp), cc,
+ 				      ntohs(icp->un.echo.sequence),
+-				      reply_ttl, 0, tv, pr_addr(rts, from, sizeof *from),
+				      reply_ttl, csfailed, tv, pr_addr(rts, from, sizeof *from),
+ 				      pr_echo_reply, rts->multicast, wrong_source)) {
+ 			fflush(stdout);
+ 			return 0;
+-- 
+2.33.0
+
--- a/iputils.spec
+++ b/iputils.spec
@ -1,6 +1,6 @@
 Name:            iputils
 Version:         20221126
-Release:         5
+Release:         6
 Summary:         Network monitoring tools including ping
 License:         BSD and GPLv2+
 URL:             https://github.com/iputils/iputils
@ -26,6 +26,8 @@ Patch6005:	     backport-ping6-Fix-support-for-DSCP.patch
 Patch6006:	     backport-Revert-ping-use-random-value-for-the-identifier-field.patch
 Patch6007:	     backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch
 Patch6008:	     backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch
+Patch6009:	     backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch
+Patch6010:	     backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch

 BuildRequires:   gcc meson libidn2-devel openssl-devel libcap-devel libxslt
 BuildRequires:   docbook5-style-xsl systemd iproute glibc-kernheaders gettext
@ -98,6 +100,12 @@ install -cp ifenslave.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
 %{_mandir}/man8/*.8.gz
 
 %changelog
+* Thu Feb 13 2025 yanglu <yanglu72@h-partners.com> - 20221126-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:sync some patches from upstream
+
 * Fri Apr 26 2024 suhai <sunhai10@huawei.com> - 20221126-5
 - Type:bugfix
 - ID:NA